infrastructure-as-code
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill is defensive in nature, providing architectural patterns and validation rules to prevent vulnerabilities such as hardcoded secrets and unencrypted storage.
- PROMPT_INJECTION (SAFE): The skill possesses a surface for indirect prompt injection as it is designed to process untrusted user-provided IaC files. However, the risk is negligible as it lacks exploitable tools for code execution or exfiltration. Ingestion points: user-provided .tf, .tfvars, .yml, and .sh files; Boundary markers: None explicitly defined; Capability inventory: Architectural advice and linting only; Sanitization: None.
- EXTERNAL_DOWNLOADS (SAFE): No external package dependencies or remote execution patterns (e.g., curl to bash) were found in the provided files.
Audit Metadata